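#!/bin/bash
# SPDX-FileCopyrightText: 2023-2025 Sangfor Technologies Inc.
# SPDX-License-Identifier: Mulan PSL v2
#
# Provision a per-user MinIO account: create the user, create a bucket named
# after the user, and attach a policy that allows s3:* on the objects of that
# bucket only.
#
# Usage: <script> NEW_USER_ID USER_PASSWORD S3_SERVER ADMIN_ACCESS ADMIN_SECRET
#
# The shebang has to be the first line of the file to take effect, so it now
# precedes the SPDX header.
#
# NOTE(security): USER_PASSWORD and ADMIN_SECRET arrive as positional
# arguments and are handed to `mc` the same way, so they are readable in the
# process list while the script runs and in any `set -x` trace. The calling
# convention is kept for existing callers; do not enable tracing around this
# script, and consider moving the secrets to stdin or the environment.
#
# NOTE(security): `mc alias set` stores the admin credentials in mc's
# configuration for the invoking account, and they stay there after the
# script exits.
set -euo pipefail

readonly S3_ALIAS="aip_system_s3"

# Path of the generated policy document; set once mktemp has succeeded.
POLICY_FILE=""

# Print a message to stderr and abort.
die() {
  printf '%s\n' "$*" >&2
  exit 1
}

# Remove the temporary policy document on every exit path.
cleanup() {
  if [[ -n "${POLICY_FILE}" ]]; then
    rm -f -- "${POLICY_FILE}"
  fi
}
trap cleanup EXIT

# Succeeds when $1 is safe to use as user name, bucket name and policy name.
# The set is deliberately a little wider than S3 bucket naming (the server
# still has the final say on bucket creation); its purpose is to keep quotes,
# backslashes, whitespace, slashes and the policy wildcards '*' and '?' out of
# the JSON document and the resource ARN built from this value.
is_safe_user_id() {
  local LC_ALL=C
  [[ "$1" =~ ^[A-Za-z0-9][A-Za-z0-9._-]{1,61}[A-Za-z0-9]$ ]]
}

main() {
  if (( $# < 5 )); then
    printf 'Usage: %s NEW_USER_ID USER_PASSWORD S3_SERVER ADMIN_ACCESS ADMIN_SECRET\n' \
      "${0##*/}" >&2
    exit 2
  fi

  local new_user_id=$1
  local user_password=$2
  local s3_server=$3
  local admin_access=$4
  local admin_secret=$5

  # Validate before touching the server: the original order created the user
  # first, so a bad id left a user behind without bucket or policy.
  is_safe_user_id "${new_user_id}" \
    || die "invalid NEW_USER_ID: expected 3-63 characters from [A-Za-z0-9._-], alphanumeric at both ends"
  [[ -n "${user_password}" ]] || die "USER_PASSWORD must not be empty"
  [[ -n "${s3_server}" ]] || die "S3_SERVER must not be empty"
  [[ -n "${admin_access}" ]] || die "ADMIN_ACCESS must not be empty"
  [[ -n "${admin_secret}" ]] || die "ADMIN_SECRET must not be empty"

  # User, bucket and policy all share the same name.
  local user_name=${new_user_id}
  local bucket_name=${new_user_id}

  # A fixed name under /tmp can be pre-created or symlinked by another local
  # account, and two concurrent runs would overwrite each other's policy.
  # mktemp gives a private, unpredictable file instead.
  POLICY_FILE=$(mktemp) || die "mktemp failed"

  mc alias set "${S3_ALIAS}" "${s3_server}" "${admin_access}" "${admin_secret}"
  mc admin user add "${S3_ALIAS}" "${user_name}" "${user_password}"
  mc mb "${S3_ALIAS}/${bucket_name}"

  # The resource covers objects in the bucket only ("<bucket>/*"), not the
  # bucket itself. NOTE(review): bucket-level actions such as listing are
  # therefore presumably not granted; confirm that is intended.
  cat <<EOF > "${POLICY_FILE}"
{
 "Version": "2012-10-17",
 "Statement": [
  {
   "Effect": "Allow",
   "Action": [
    "s3:*"
   ],
   "Resource": [
    "arn:aws:s3:::${bucket_name}/*"
   ]
  }
 ]
}
EOF

  mc admin policy add "${S3_ALIAS}" "${bucket_name}" "${POLICY_FILE}"
  mc admin policy set "${S3_ALIAS}" "${bucket_name}" user="${user_name}"
}

main "$@"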
